um, that looks terribly insecure to me... i believe for that to work, you'd have to add /bin/sh to /etc/sudoers as a sudo-able command, wouldn't you? but that surely wouldn't be right, there's no end of ways the security of the shell could be breached.

i believe the "right" way to do this is to put the "command_or_script" into /usr/local/bin with root.root ownership, non-world-writable, and add that command_or_scriptonly to /etc/sudoers. that way, you can run it as user with:

<pre>sudo -u user command_or_script</pre>

and let the system worry about the interpreter and its command line options. [ January 14, 2005: Message edited by: M Beck ]